JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.55.255.1

1.55.255.1 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	FPT Telecom Company
Usage Type	Fixed Line ISP
ASN	AS18403
Domain Name	fpt.com
Country	🇻🇳 Viet Nam
City	Hanoi, Hanoi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.55.255.1

Whois 1.55.255.1

IP Abuse Reports for 1.55.255.1:

This IP address has been reported a total of 11 times from 8 distinct sources. 1.55.255.1 was first reported on September 19th 2021, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-13 05:39:11 (2 months ago)	[redacted] 1.55.255.1 - - [13/Apr/2026:07:38:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Word ... show more [redacted] 1.55.255.1 - - [13/Apr/2026:07:38:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 1.55.255.1 - - [13/Apr/2026:07:38:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" [redacted] 1.55.255.1 - - [13/Apr/2026:07:38:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 1.55.255.1 - - [13/Apr/2026:07:38:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 1.55.255.1 - - [13/Apr/2026:07:39:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-13 03:35:35 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 1.55.255.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 1.55.255.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 23:35:21.594861 2026] [security2:error] [pid 3147622:tid 3147642] [client 1.55.255.1:7537] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 1.55.255.1 (+1 hits since last alert)\|killasgarage.bike\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "killasgarage.bike"] [uri "/xmlrpc.php"] [unique_id "adxkecn88Y-LlkEG4xpU4wAAANI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 07:29:38 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 1.55.255.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 1.55.255.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 03:29:22.080477 2026] [security2:error] [pid 1623768:tid 1623768] [client 1.55.255.1:35605] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 1.55.255.1 (+1 hits since last alert)\|drgtek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drgtek.com"] [uri "/xmlrpc.php"] [unique_id "adtJ0hMR6aGAObN7OdSbpgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 04:51:15 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 1.55.255.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 1.55.255.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 00:50:58.273233 2026] [security2:error] [pid 2073131:tid 2073131] [client 1.55.255.1:57413] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 1.55.255.1 (+1 hits since last alert)\|websitesforauthors.design\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "websitesforauthors.design"] [uri "/xmlrpc.php"] [unique_id "adsksjKwkRujfrBB_HbWeAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-04-11 12:00:06 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇨🇿 huginet	2026-04-11 05:58:57 (2 months ago)	1.55.255.1 - - [11/Apr/2026:07:58:54 +0200] "GET /feed/ HTTP/1.1" 404 52399 "-" "WordPress.com; http ... show more 1.55.255.1 - - [11/Apr/2026:07:58:54 +0200] "GET /feed/ HTTP/1.1" 404 52399 "-" "WordPress.com; https://wordpress.com" 1.55.255.1 - - [11/Apr/2026:07:58:55 +0200] "GET /author-sitemap.xml HTTP/1.1" 404 51893 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" ... show less	Web Spam Web App Attack
Anonymous	2026-04-08 06:35:27 (2 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 myagent.site	2026-04-07 06:28:16 (2 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇺🇸 TPI-Abuse	2026-04-06 13:24:25 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 1.55.255.1 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 1.55.255.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 09:24:12.020675 2026] [security2:error] [pid 50155:tid 50155] [client 1.55.255.1:5427] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|38floorsupply.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "38floorsupply.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adOz_H6wkLKnZl7T0jnW3wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Invisiblemen	2021-11-11 04:18:42 (4 years ago)	Unauthorized connection attempt from IP address 1.55.255.1 on Port 445(SMB)	Port Scan
🇱🇺 spheres.li	2021-09-19 23:02:55 (4 years ago)	1.55.255.1 triggered Icarus honeypot. Check us out on github.	Port Scan Hacking

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇭 119.13.57.233

🇵🇰 103.198.154.184

🇮🇹 93.149.95.245

🇳🇱 91.92.40.233

🇷🇺 83.220.185.70

🇨🇱 68.211.177.55

🇭🇰 45.142.154.10

🇳🇱 45.148.10.141

🇺🇸 40.160.26.3

🇪🇹 196.188.227.185

🇭🇰 168.76.131.178

🇩🇪 138.68.70.115

🇧🇷 129.121.54.237

🇷🇴 80.94.92.178

🇨🇳 182.117.70.232

🇮🇩 182.2.179.62

🇫🇷 85.217.140.48

🇹🇼 61.216.79.25

🇯🇵 43.153.185.56

🇺🇸 34.228.104.231